forgejo/act
Archived
24
5
Fork 16
Code Issues Pull requests Releases Activity Actions

feat!: validate workflows with a schema #170

Merged
earl-warren merged 12 commits from earl-warren/act:wip-interpolation-error into main 2025-07-12 17:03:55 +00:00
Conversation 23 Commits 12 Files changed 18 +3027 -139
earl-warren commented 2025-07-05 20:12:26 +00:00
Contributor
Copy link
  • add a schema and validate workflows before acting on them
  • add enable-email-notifications to the schema
  • Forgejo has support for support services..cmd
  • the forge context is equivalent to the github context
  • secrets can be used in jobs.*.if expressions
  • expressions in env can use the env context, that works

It is a breaking change because it will fail existing workflows that contain errors that were previously undetected.
The associated release note include a strategy and example to verify workflows from the command line.

That verify was applied most repositories in the following organizations and only found a few mistakes that were fixed (e.g. actions/setup-forgejo@ef6e5bef04).

There is proof that the end-to-end run is using this pull request because it failed on both enable-email-notifications and cmd in services which do not exist in GitHub Actions and were not in the schema cherry-picked from Nektos ACT.

Note that the error returned is displayed in context with the companion pull request of the runner that can be merged afterwards. Without it the error message are displayed in the pre-step output of an invalid workflow but tey are a oneliner that is very difficult to put in context unless you know exactly what it is about.

Closes forgejo/act#169
Closes forgejo/runner#317

- add a schema and validate workflows before acting on them - add enable-email-notifications to the schema - Forgejo has support for support services.<id>.cmd - the forge context is equivalent to the github context - secrets can be used in jobs.*.if expressions - expressions in env can use the env context, that works It is a breaking change because it will fail existing workflows that contain errors that were previously undetected. The associated [release note](https://code.forgejo.org/forgejo/runner/src/branch/main/RELEASE-NOTES.md#8-0-0-not-published-yet) include a strategy and example to verify workflows from the command line. That verify was applied most repositories in the following organizations and only found a few mistakes that were fixed (e.g. https://code.forgejo.org/actions/setup-forgejo/commit/ef6e5bef04fe9ed9d79702d1ccef4222ea95579d). - https://codeberg.org/forgejo - https://code.forgejo.org/forgejo - https://code.forgejo.org/forgejo-helm/ - https://code.forgejo.org/renovate/ There is proof that the end-to-end run is using this pull request because it failed on both `enable-email-notifications` and `cmd` in services which do not exist in GitHub Actions and were not in the schema cherry-picked from Nektos ACT. Note that the error returned is displayed in context with the [companion pull request of the runner that can be merged afterwards](https://code.forgejo.org/forgejo/runner/pulls/666/files). Without it the error message are displayed in the pre-step output of an invalid workflow but tey are a oneliner that is very difficult to put in context unless you know exactly what it is about. Closes forgejo/act#169 Closes forgejo/runner#317
cascading-pr commented 2025-07-05 20:13:19 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#663

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/663
earl-warren changed title from feat!: validate workflows with a schema to feat!: validate workflows with a schema [skip cascade] 2025-07-05 20:36:39 +00:00
earl-warren changed title from feat!: validate workflows with a schema [skip cascade] to WIP: feat!: validate workflows with a schema [skip cascade] 2025-07-05 20:41:21 +00:00
earl-warren changed title from WIP: feat!: validate workflows with a schema [skip cascade] to WIP: feat!: validate workflows with a schema 2025-07-05 20:47:34 +00:00
cascading-pr commented 2025-07-05 20:48:25 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#663

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/663
earl-warren force-pushed wip-interpolation-error from 0c15daba39
Some checks failed
checks / unit (pull_request) Successful in 1m13s
Details
/ cascade (pull_request_target) Failing after 1m58s
Details
checks / integration (pull_request) Successful in 1m3s
Details
to 1ff7540828
Some checks failed
checks / unit (pull_request) Successful in 1m13s
Details
/ cascade (pull_request_target) Failing after 1m28s
Details
checks / integration (pull_request) Successful in 1m7s
Details
2025-07-05 21:26:15 +00:00 Compare
cascading-pr commented 2025-07-05 21:27:07 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#663

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/663
cascading-pr commented 2025-07-05 21:47:34 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#663

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/663
earl-warren force-pushed wip-interpolation-error from d66c8a80ec
Some checks failed
checks / unit (pull_request) Successful in 1m19s
Details
/ cascade (pull_request_target) Failing after 2m2s
Details
checks / integration (pull_request) Successful in 1m7s
Details
to 0dc6f254ac
Some checks failed
checks / unit (pull_request) Successful in 1m48s
Details
/ cascade (pull_request_target) Failing after 2m20s
Details
checks / integration (pull_request) Successful in 1m14s
Details
2025-07-05 22:07:13 +00:00 Compare
cascading-pr commented 2025-07-05 22:08:19 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#663

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/663
earl-warren force-pushed wip-interpolation-error from 0dc6f254ac
Some checks failed
checks / unit (pull_request) Successful in 1m48s
Details
/ cascade (pull_request_target) Failing after 2m20s
Details
checks / integration (pull_request) Successful in 1m14s
Details
to a97ed12456
Some checks failed
checks / unit (pull_request) Successful in 1m30s
Details
/ cascade (pull_request_target) Failing after 2m5s
Details
checks / integration (pull_request) Successful in 1m10s
Details
2025-07-05 22:16:07 +00:00 Compare
cascading-pr commented 2025-07-05 22:16:59 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#663

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/663
earl-warren force-pushed wip-interpolation-error from a97ed12456
Some checks failed
checks / unit (pull_request) Successful in 1m30s
Details
/ cascade (pull_request_target) Failing after 2m5s
Details
checks / integration (pull_request) Successful in 1m10s
Details
to 21c5eccc5e
Some checks failed
checks / unit (pull_request) Successful in 1m34s
Details
checks / integration (pull_request) Successful in 1m37s
Details
/ cascade (pull_request_target) Failing after 7m37s
Details
2025-07-05 22:21:29 +00:00 Compare
cascading-pr commented 2025-07-05 22:22:25 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#665

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/665
earl-warren force-pushed wip-interpolation-error from 21c5eccc5e
Some checks failed
checks / unit (pull_request) Successful in 1m34s
Details
checks / integration (pull_request) Successful in 1m37s
Details
/ cascade (pull_request_target) Failing after 7m37s
Details
to a8efb77605
All checks were successful
checks / unit (pull_request) Successful in 1m25s
Details
checks / integration (pull_request) Successful in 1m8s
Details
/ cascade (pull_request_target) Successful in 37m13s
Details
2025-07-05 23:13:07 +00:00 Compare
cascading-pr commented 2025-07-05 23:13:59 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#665

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/665
earl-warren changed title from WIP: feat!: validate workflows with a schema to feat!: validate workflows with a schema 2025-07-06 09:02:00 +00:00
earl-warren force-pushed wip-interpolation-error from a8efb77605
All checks were successful
checks / unit (pull_request) Successful in 1m25s
Details
checks / integration (pull_request) Successful in 1m8s
Details
/ cascade (pull_request_target) Successful in 37m13s
Details
to d196d59e62
Some checks failed
checks / unit (pull_request) Successful in 1m21s
Details
checks / integration (pull_request) Successful in 1m12s
Details
/ cascade (pull_request_target) Failing after 13m33s
Details
2025-07-06 12:16:28 +00:00 Compare
cascading-pr commented 2025-07-06 12:17:20 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#665

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/665
earl-warren force-pushed wip-interpolation-error from d196d59e62
Some checks failed
checks / unit (pull_request) Successful in 1m21s
Details
checks / integration (pull_request) Successful in 1m12s
Details
/ cascade (pull_request_target) Failing after 13m33s
Details
to a128183f74
Some checks failed
checks / unit (pull_request) Successful in 2m3s
Details
checks / integration (pull_request) Successful in 1m31s
Details
/ cascade (pull_request_target) Failing after 15m5s
Details
2025-07-06 12:31:28 +00:00 Compare
cascading-pr commented 2025-07-06 12:32:39 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#665

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/665
earl-warren force-pushed wip-interpolation-error from a128183f74
Some checks failed
checks / unit (pull_request) Successful in 2m3s
Details
checks / integration (pull_request) Successful in 1m31s
Details
/ cascade (pull_request_target) Failing after 15m5s
Details
to 34a06b01e1
All checks were successful
checks / unit (pull_request) Successful in 1m14s
Details
checks / integration (pull_request) Successful in 1m8s
Details
/ cascade (pull_request_target) Successful in 34m10s
Details
2025-07-06 13:10:44 +00:00 Compare
cascading-pr commented 2025-07-06 13:11:34 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#665

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/665
earl-warren force-pushed wip-interpolation-error from 34a06b01e1
All checks were successful
checks / unit (pull_request) Successful in 1m14s
Details
checks / integration (pull_request) Successful in 1m8s
Details
/ cascade (pull_request_target) Successful in 34m10s
Details
to a134916d8e
All checks were successful
checks / unit (pull_request) Successful in 1m45s
Details
checks / integration (pull_request) Successful in 1m47s
Details
/ cascade (pull_request_target) Successful in 41m3s
Details
2025-07-07 20:32:17 +00:00 Compare
cascading-pr commented 2025-07-07 20:33:53 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#665

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/665
earl-warren commented 2025-07-07 20:36:34 +00:00
Author
Contributor
Copy link

@wetneb asking for your review because you contributed a change to improve error reporting on workflows in Forgejo. This is an entirely different codebase though, feel free to decline.

@wetneb asking for your review because you contributed a change to improve error reporting on workflows in Forgejo. This is an entirely different codebase though, feel free to decline.
earl-warren force-pushed wip-interpolation-error from a134916d8e
All checks were successful
checks / unit (pull_request) Successful in 1m45s
Details
checks / integration (pull_request) Successful in 1m47s
Details
/ cascade (pull_request_target) Successful in 41m3s
Details
to 65406c85e3
All checks were successful
checks / unit (pull_request) Successful in 1m15s
Details
checks / integration (pull_request) Successful in 1m7s
Details
/ cascade (pull_request_target) Successful in 34m51s
Details
2025-07-11 12:12:34 +00:00 Compare
cascading-pr commented 2025-07-11 12:13:26 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#689

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/689
fix: secrets can be used in jobs.*.if expressions
All checks were successful
checks / unit (pull_request) Successful in 1m16s
Details
checks / integration (pull_request) Successful in 1m7s
Details
/ cascade (pull_request_target) Successful in 36m3s
Details
4f8ec351da
cascading-pr commented 2025-07-12 11:46:03 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#689

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/689
viceice reviewed 2025-07-12 12:13:33 +00:00
viceice left a comment
Owner

i havn't checked the full schme yet. it's very big. we should somehow validate all our existing workflows against this

i havn't checked the full schme yet. it's very big. we should somehow validate all our existing workflows against this
pkg/model/action.go
@ -85,0 +91,4 @@
}).UnmarshalYAML(node); err != nil {
return err
}
type ActionDefault Action
viceice commented 2025-07-12 12:03:30 +00:00
Owner

why this type def? 🤔

why this type def? 🤔
earl-warren marked this conversation as resolved
pkg/model/workflow.go
@ -95,0 +102,4 @@
}).UnmarshalYAML(node); err != nil {
return errors.Join(err, fmt.Errorf("Forgejo Actions YAML Schema validation error"))
}
type WorkflowDefault Workflow
viceice commented 2025-07-12 12:03:46 +00:00
Owner

same here

same here
earl-warren commented 2025-07-12 15:09:07 +00:00
Author
Contributor

I do not know the rationale for this. It reads like a noop to me but it does not hurt. And maybe I'm missing something subtle.

🤷‍♂️

I do not know the rationale for this. It reads like a noop to me but it does not hurt. And maybe I'm missing something subtle. 🤷‍♂️
viceice commented 2025-07-12 15:16:39 +00:00
Owner

oh, I see it comes from upstream. I don't know go good enough 🫣 so probably leave it as is for compabillity

oh, I see it comes from upstream. I don't know go good enough 🫣 so probably leave it as is for compabillity
👍 1
viceice marked this conversation as resolved
earl-warren changed title from feat!: validate workflows with a schema to WIP: feat!: validate workflows with a schema 2025-07-12 15:09:34 +00:00
earl-warren commented 2025-07-12 15:10:44 +00:00
Author
Contributor
Copy link

@viceice wrote in #170 (comment):

i havn't checked the full schme yet. it's very big. we should somehow validate all our existing workflows against this

I will do that using forgejo-runner exec --event unknown --workflows on all the repos in Forgejo space. Switching to WIP in the meantime. I may take a minute.

@viceice wrote in https://code.forgejo.org/forgejo/act/pulls/170#issuecomment-46881: > i havn't checked the full schme yet. it's very big. we should somehow validate all our existing workflows against this I will do that using `forgejo-runner exec --event unknown --workflows ` on all the repos in Forgejo space. Switching to WIP in the meantime. I may take a minute.
👍 1
viceice commented 2025-07-12 15:17:21 +00:00
Owner
Copy link

@earl-warren wrote in #170 (comment):

@viceice wrote in #170 (comment):

i havn't checked the full schme yet. it's very big. we should somehow validate all our existing workflows against this

I will do that using forgejo-runner exec --event unknown --workflows on all the repos in Forgejo space. Switching to WIP in the meantime. I may take a minute.

sounds like a good idea.

@earl-warren wrote in https://code.forgejo.org/forgejo/act/pulls/170#issuecomment-46911: > @viceice wrote in #170 (comment): > > > i havn't checked the full schme yet. it's very big. we should somehow validate all our existing workflows against this > > I will do that using `forgejo-runner exec --event unknown --workflows ` on all the repos in Forgejo space. Switching to WIP in the meantime. I may take a minute. sounds like a good idea.
earl-warren commented 2025-07-12 15:51:53 +00:00
Author
Contributor
Copy link

Went through all repositories in:

Found and fixed the following:

I also did not browse the entirety of the schema. I adapted it a few times (see the individual commits) and it was rather straightforward. I think it will be a major improvement for people who are faced with silent false positive when they have a typo in the name of a context.

Went through all repositories in: - https://codeberg.org/forgejo - https://code.forgejo.org/forgejo - https://code.forgejo.org/forgejo-helm/ - https://code.forgejo.org/renovate/ Found and fixed the following: - https://code.forgejo.org/forgejo/release-notes-assistant/commit/c848a4db31387c1f378c6e5fc2bb699ae29b96be I also did not browse the entirety of the schema. I adapted it a few times (see the individual commits) and it was rather straightforward. I think it will be a major improvement for people who are faced with silent false positive when they have a typo in the name of a context.
👍 1
feat: expressions in env can use the env context, that works
Some checks failed
checks / unit (pull_request) Successful in 1m17s
Details
checks / integration (pull_request) Successful in 1m10s
Details
/ cascade (pull_request_target) Failing after 56s
Details
2dd9f34c9e
cascading-pr commented 2025-07-12 15:53:00 +00:00
Contributor
Copy link

cascading-pr updated at forgejo/runner#689

cascading-pr updated at https://code.forgejo.org/forgejo/runner/pulls/689
earl-warren changed title from WIP: feat!: validate workflows with a schema to feat!: validate workflows with a schema 2025-07-12 15:53:07 +00:00
earl-warren commented 2025-07-12 15:59:46 +00:00
Author
Contributor
Copy link

The description was updated to reflect the latest developments.

The description was updated to reflect the latest developments.
viceice approved these changes 2025-07-12 16:07:02 +00:00
earl-warren commented 2025-07-12 17:03:36 +00:00
Author
Contributor
Copy link

That's a big breaking change, there will be consequences. But I'm cautiously optimistic. Thanks for taking the time to review, it was not trivial.

That's a big breaking change, there will be consequences. But I'm cautiously optimistic. Thanks for taking the time to review, it was not trivial.
👍 1
earl-warren deleted branch wip-interpolation-error 2025-07-12 17:03:55 +00:00
Commenting is not possible because the repository is archived.
Reviewers
No reviewers
Kwonunn
wetneb
viceice
Labels
Clear labels   
Compat/Breaking

Breaking change that won't be backward compatible

  
Kind/Bug

Something is not working

  
Kind
Chore
Housekeeping, cleanup and chores

  
Kind/Documentation

Documentation changes

  
Kind/Enhancement

Improve existing functionality

  
Kind/Feature

New functionality

  
Kind/Security

This is security issue

  
Kind/Testing

Issue or pull request related to testing

  
Priority
Critical
The priority is critical

  
Priority
High
The priority is high

  
Priority
Low
The priority is low

  
Priority
Medium
The priority is medium

  
Reviewed
Confirmed
Issue has been confirmed

  
Reviewed
Duplicate
This issue or pull request already exists

  
Reviewed
Invalid
Invalid issue

  
Reviewed
Won't Fix
This issue won't be fixed

  
Status
Abandoned
Somebody has started to work on this but abandoned work

  
Status
Blocked
Something is blocking this issue or pull request

  
Status
Need More Info
Feedback is required to reproduce issue or to continue work

No labels
Compat/Breaking
Kind/Bug
Kind
Chore
Kind/Documentation
Kind/Enhancement
Kind/Feature
Kind/Security
Kind/Testing
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Reviewed
Confirmed
Reviewed
Duplicate
Reviewed
Invalid
Reviewed
Won't Fix
Status
Abandoned
Status
Blocked
Status
Need More Info
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
earl-warren
3 participants
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
forgejo/act!170
No description provided.